
Removing 22 find tapak portal



Hello,

Firefox starts up with Snap.do, which I think I have removed with HijackThis.

Now Firefox starts up with 22 find tapak portal.

Below is the log file from after the scan.

Can anyone help me?

Peter

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:32:21, on 24-3-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16470)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll

O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe

O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\Gebruiker\AppData\Local\Smartbar\Application\SnapDo.exe startup

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://www.samsungsetup.com

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe

O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13901 bytes


Hi Peter,

Welcome to PCH.

Your topic has been moved to Bestrijding spyware, virussen, so that a malware specialist can help you sooner.

While you wait for the analysis of your log, have a read through this (click on it) Welkom Gids, then you will be fully up to speed...


Go to Start - All Programs - Accessories.

Find the Command Prompt icon, right-click it, and choose Run as administrator from the list to open the command prompt.

Type: sc stop McComponentHostService and press Enter.

Type: sc delete McComponentHostService and press Enter.

Type exit and press Enter.

If you get an error message on any of these instructions, simply carry on with the next instruction and let us know which error message you got.

Note: Windows Vista & 7 users must run HijackThis as administrator by right-clicking it and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Start HijackThis. Select "Scan". Select only the items listed below:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll

O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll

O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)

O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\Gebruiker\AppData\Local\Smartbar\Application\SnapDo.exe startup

Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure that Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware are ticked, then click "Voltooien" (Finish).

If an update is found, it will be downloaded and installed.

Once the program is fully up to date, select "Snelle Scan" (Quick Scan) on the Scanner tab, then click Scan.

The scan can take a while, so be patient.

When the scan has finished, click OK, then "Bekijk Resultaten" (Show Results) to see the results.

Make sure everything there is ticked, then click: Verwijder geselecteerde (Remove Selected).

After the removal a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and you can find it by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you need to click OK. After that it will ask to restart the computer... so allow MBAM to restart the computer.

Paste the contents of the log into your next post, together with a new HijackThis log.

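The selection made in the post above (entries naming 22Find, Snap.Do or Delta, BHO/toolbar entries whose file is gone, and an autostart running from the user profile) can be reproduced mechanically over a HijackThis log. The Python sketch below is an added example, not part of the original thread and not code from HijackThis. The watchlist, the rule names and the `triage` function are assumptions made for illustration, and the sample lines are copied from the log posted in this thread.

```python
import re

# Names taken from the entries the fix list in this thread singles out
# (22Find, Snap.Do, Delta). Illustrative watchlist, not a signature set.
WATCHLIST = ("22find", "snap.do", "snapdo", "delta")

# A HijackThis entry looks like "O2 - BHO: ..." or "R0 - HKLM\...".
ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Marker HijackThis appends when it cannot find the referenced file.
ORPHAN = re.compile(r"\((?:file missing|no file)\)\s*$")

# Sample input: lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll
O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\Gebruiker\AppData\Local\Smartbar\Application\SnapDo.exe startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""


def triage(log_text):
    """Split HijackThis entries into (review, ignored).

    review  - list of (section, reasons, body) worth a manual look
    ignored - System32 services reported as missing; 32-bit HijackThis on
              64-bit Windows is redirected to SysWOW64 and cannot see them,
              so these are scan artifacts rather than broken services
    """
    review, ignored = [], []
    for raw in log_text.splitlines():
        match = ENTRY.match(raw.strip())
        if not match:
            continue  # header lines and the running-process list
        section, body = match["section"], match["body"]
        low = body.lower()
        orphan = bool(ORPHAN.search(body))

        reasons = []
        if any(name in low for name in WATCHLIST):
            reasons.append("watchlist")
        # BHOs (O2) and toolbars (O3) whose file is gone are leftovers
        # of a partial uninstall and only clutter the browser.
        if orphan and section in ("O2", "O3"):
            reasons.append("orphan")
        # Autostart entries that run from the user profile need no admin
        # rights to install, which is typical for bundled adware.
        if section == "O4" and "\\appdata\\" in low:
            reasons.append("profile-autostart")

        if reasons:
            review.append((section, reasons, body))
        elif orphan and section == "O23" and "\\windows\\system32\\" in low:
            ignored.append((section, body))
    return review, ignored


if __name__ == "__main__":
    flagged, skipped = triage(SAMPLE_LOG)
    for section, reasons, body in flagged:
        print(f"{section:>3}  {'+'.join(reasons):<28} {body[:70]}")
    print(f"{len(skipped)} System32 'file missing' service(s) set aside")
```

The output is a shortlist for a human to check, not a fix list: a name match or a missing file says nothing about whether the entry is safe to remove.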

Hello,

First of all, thanks for all your effort.

I still haven't managed to remove 22 find.

The first 3 lines that I was supposed to remove were not listed.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

Here is the data:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100

Malwarebytes : Free anti-malware download

Databaseversie: v2013.03.28.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Gebruiker :: DESKTOPPETER [administrator]

Bescherming: Ingeschakeld

28-3-2013 16:12:51

mbam-log-2013-03-28 (16-12-51).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 238588

Verstreken tijd: 3 minuut/minuten, 3 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 1

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Slecht: (22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!) Goed: (Google) -> Succesvol in quarantaine geplaatst en gerepareerd.

Mappen gedetecteerd: 5

C:\Users\Gebruiker\AppData\Roaming\__mnfact__ (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__ (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__\ImageEditor (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__\ImageEditor\History (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__\ImageEditor\History\1794 (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 2

C:\Users\Gebruiker\AppData\Local\Temp\22find_mlv.exe (Adware.ChinAd) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Gebruiker\AppData\Local\Temp\blabbers-ff-le.xpi (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100

Malwarebytes : Free anti-malware download

Databaseversie: v2013.03.28.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Gebruiker :: DESKTOPPETER [administrator]

Bescherming: Ingeschakeld

28-3-2013 16:26:07

mbam-log-2013-03-28 (16-26-07).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 238083

Verstreken tijd: 3 minuut/minuten, 48 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100

Malwarebytes : Free anti-malware download

Databaseversie: v2013.03.29.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Gebruiker :: DESKTOPPETER [administrator]

Bescherming: Ingeschakeld

29-3-2013 14:14:49

mbam-log-2013-03-29 (14-14-49).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 238762

Verstreken tijd: 2 minuut/minuten, 40 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

2013/03/29 10:30:54 +0100 DESKTOPPETER Gebruiker MESSAGE Starting protection

2013/03/29 10:30:54 +0100 DESKTOPPETER Gebruiker MESSAGE Protection started successfully

2013/03/29 10:30:54 +0100 DESKTOPPETER Gebruiker MESSAGE Starting IP protection

2013/03/29 10:31:00 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection started successfully

2013/03/29 10:33:11 +0100 DESKTOPPETER Gebruiker MESSAGE Executing scheduled update: Daily

2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE Scheduled update executed successfully: database updated from version v2013.03.28.08 to version v2013.03.29.02

2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE Starting database refresh

2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE Stopping IP protection

2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection stopped successfully

2013/03/29 10:33:19 +0100 DESKTOPPETER Gebruiker MESSAGE Database refreshed successfully

2013/03/29 10:33:19 +0100 DESKTOPPETER Gebruiker MESSAGE Starting IP protection

2013/03/29 10:33:22 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection started successfully

2013/03/29 14:14:39 +0100 DESKTOPPETER Gebruiker MESSAGE Starting database refresh

2013/03/29 14:14:39 +0100 DESKTOPPETER Gebruiker MESSAGE Stopping IP protection

2013/03/29 14:14:39 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection stopped successfully

2013/03/29 14:14:41 +0100 DESKTOPPETER Gebruiker MESSAGE Database refreshed successfully

2013/03/29 14:14:41 +0100 DESKTOPPETER Gebruiker MESSAGE Starting IP protection

2013/03/29 14:14:44 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection started successfully

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:12:48, on 29-3-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16470)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe

C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

D:\Users\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://www.samsungsetup.com

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe

O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14206 bytes

Regards,

peter

Good luck

Download AdwCleaner by Xplode to your desktop.

Close all open windows.

  • Vista and Windows 7 users: Right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Delete.
  • In AdwCleaner – Information, click OK
  • In AdwCleaner – Restart Required, click OK

It is normal for the shortcuts to disappear during this action. After the PC has restarted, a log file opens. Post the contents of this log in your next message, together with a new HijackThis log.

# AdwCleaner v1.606 - Logfile created 03/31/2013 at 14:03:38

# Updated 10/05/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Gebruiker - DESKTOPPETER

# Running from : D:\Users\Desktop\AdwCleaner_1.606_En.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\Gebruiker\AppData\Local\Smartbar

Folder Deleted : C:\Users\GEBRUI~1\AppData\Local\Temp\BabylonToolbar

Folder Deleted : C:\Users\GEBRUI~1\AppData\Local\Temp\Smartbar

Folder Deleted : C:\Users\Gebruiker\AppData\LocalLow\Smartbar

Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\extensions\helperbar@helperbar.com

Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\extensions\plugin@yontoo.com

Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\Tarma Installer

File Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\searchplugins\Askcom.xml

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Smartbar

Key Deleted : HKCU\Software\SmartbarBackup

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\SOFTWARE\Babylon

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer

[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [Registre - GUID] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (nl)

Profile name : default

File : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\prefs.js

C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultengine", "Ask.com");

Deleted : user_pref("browser.search.selectedEngine", "Web Search");

Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);

-\\ Google Chrome v [unable to get version]

File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.1.1532.0

File : C:\Users\Gebruiker\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9057 octets] - [31/03/2013 13:58:29]

AdwCleaner[s1].txt - [6688 octets] - [31/03/2013 14:03:38]

########## EOF - C:\AdwCleaner[s1].txt - [6816 octets] ##########

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe
    (you can read how to do that here or here).
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as administrator by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
startupall; 
filesrcm; 

  • Click the "Options" button and tick the options below.

    • HijackThis Log
    • Firefox Look
    • Chrome Look
    • Firefox Defaults
    • Reset Chrome
    • Empty Temp Folders
    • Shortcut Fix
    • IE Defaults
    • Auto Clean

  • Then click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.

Would you also please run this tool after using Zoek.exe.

Download Shortcut Cleaner (Website)

  • Double-click sc-cleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as administrator by right-clicking it and choosing Run as administrator.
  • When the tool has finished, you will see the message "A log file called sc-cleaner.txt has been created on your desktop and will be shown automatically. This file contains those shortcuts hijacked by this malware."
  • Click OK and post the contents of sc-cleaner.txt in your next message

Shortcut Cleaner 1.2.2 by Lawrence Abrams (Grinler)

Bleeping Computer - Technical Support and Computer Help

Copyright 2008-2013 BleepingComputer.com

More Information about Shortcut Cleaner can be found at this link:

Shortcut Cleaner Download

Windows Version: Windows 7 Home Premium Service Pack 1

Program started at: 03/31/2013 11:48:08 PM.

Scanning for registry hijacks:

* HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs "Tabs" hijacked to 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

Backup Registry file created at:

D:\Users\Desktop\sc-cleaner\sc-cleaner-03-31-2013-11-48-08.reg

Searching for Hijacked Shortcuts:

Searching C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching D:\Users\Desktop

0 bad shortcuts found.

Program finished at: 03/31/2013 11:48:08 PM

Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

Zoek.exe Version 4.0.0.2 Updated 30-03-2013

Tool run by Gebruiker on zo 31-03-2013 at 23:34:11,45.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== FireFox Fix ======================

Deleted from C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\6xcgcps1.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\6xcgcps1.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2013-03-24 10:09:34 2125C3D53BD6884A99302B6C000FED3B 518 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d430fb90-fe50-4a7a-9072-3c3637e8abcf.job

2013-03-24 10:09:33 081CEF60C8491DA2E752C70512856E2B 518 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edbe015-1ba0-46bd-9070-08f507739446.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-03-24 09:59:49 -------- d-----w- C:\Program Files\Enigma Software Group

======= C:\Program Files (x86) =====

2013-03-24 21:01:47 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-03-24 09:59:03 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2013-03-20 15:09:06 -------- d-----w- C:\Program Files (x86)\Common Files\Skype

2013-03-17 20:59:12 -------- d-----w- C:\Program Files (x86)\Mozilla Thunderbird

======= C: =====

2013-03-31 21:28:33 0F3E09223BC56DBEBAF1F6ABD800D2AF 2334 ----a-w- C:\sc-cleaner.txt

2013-03-31 12:03:38 4EF83A9EEDE5FB2AC22A3F551D161106 6801 ----a-w- C:\AdwCleaner[s1].txt

2013-03-31 11:58:29 201F9C318893A415B04BA984BBC44707 9057 ----a-w- C:\AdwCleaner[R1].txt

2013-03-24 10:00:04 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\Gebruiker\AppData\Roaming ======

2013-03-31 20:48:38 -------- d-----w- C:\users\Gebruiker\AppData\Local\Temp

2013-03-30 17:26:21 18B8B312973D3B066027B556FA318AC1 38465 ----a-w- C:\users\Gebruiker\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (DOS).ADR

2013-03-30 16:38:05 33695573F41B46AEC70B5591E64F4C3C 38448 ----a-w- C:\users\Gebruiker\AppData\Roaming\Door tabs gescheiden waarden (Windows).ADR

2013-03-28 15:11:28 -------- d-----w- C:\users\Gebruiker\AppData\Local\Programs

====== C:\Users\Gebruiker ======

====== C: exe-files ==

=== C: other files ==


2013-03-28 09:18:37 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Windows\System32\drivers\ssadwh.sys

2013-03-28 09:18:37 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadwhnt.sys

2013-03-28 09:18:31 FA03D4C16F2F7ACD43E6317767764E0C 169288 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscebus.sys

2013-03-28 09:18:31 F45937AB7F170570DC40F7A00F65AAF9 16768 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscecm95.sys

2013-03-28 09:18:31 EB5818115562D45A66E23C85C90E9442 158024 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\ssceserd.sys

2013-03-28 09:18:31 D72A342711D3CB977BE9F2605EE853B5 13184 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscewh95.sys

2013-03-28 09:18:31 9428B5CA620EBB466BF82C834AD90285 10624 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscecr.sys

2013-03-28 09:18:31 82E42B6977C614CC9D036723D410A1DF 153672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscemdm.sys

2013-03-28 09:18:31 7E7493BBEE5468BB34C9E019A06F5310 15304 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscewhnt.sys

2013-03-28 09:18:31 718442270A7719652DF0BDD5A85B3B46 15560 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscecmnt.sys

2013-03-28 09:18:31 625A76BFBB915F7AE8141A4165F41E88 130376 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\ssceserd.sys

2013-03-28 09:18:31 5D00795AD1BBD618A0CF993E979E0143 17224 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscecmnt.sys

2013-03-28 09:18:31 50C23ED603E5DF8A7CF1D56DDEF31A15 21320 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscemdfl.sys

2013-03-28 09:18:31 33B11FF28DF39D086E3D80ACC0F87D90 136904 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscebus.sys

2013-03-28 09:18:31 2697A4F6BA959FDD45249C9DE1D725E8 17736 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscewhnt.sys

2013-03-28 09:18:31 2635EB2E07E7389977E1F87B2570E655 17864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscemdfl.sys

2013-03-28 09:18:31 1F48814204F6B2C03687A1675772E899 188232 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscemdm.sys

2013-03-28 09:18:27 DF11D259C10C9D0DFCCBA1093C5DB1BD 169288 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdbus.sys

2013-03-28 09:18:27 BF6F31B9F5A98400DFB42CDB2C6537E1 130248 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdserd.sys

2013-03-28 09:18:27 96E20FE523F992F96CCA23B2437F5CC7 15304 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdwhnt.sys

2013-03-28 09:18:27 68820F9A67F0D170A6842094EBDCD924 17864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdfl.sys

2013-03-28 09:18:27 6166669C3BC2624EA479A482AE663E21 17736 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdwhnt.sys

2013-03-28 09:18:27 3EF9386DC95BF2AE60D08367E5E4E785 21320 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdfl.sys

2013-03-28 09:18:27 187C98B48C70400C7CE5F11EC2BB9214 17224 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdcmnt.sys

2013-03-28 09:18:27 1381D76044350F327539E47B67367992 158024 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdserd.sys

2013-03-28 09:18:27 0A3B7562002C50F208FCCDEB7380B57B 153672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdm.sys

2013-03-28 09:18:27 00D2AA893C662A9EB9B779F6CA2B0DFB 188232 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdm.sys

2013-03-28 09:18:26 E6CE6348A4F6E06925548F62527F0F99 136776 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdbus.sys

2013-03-28 09:18:26 8F40A62436A05A8963391DFB1D9F2876 15560 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdcmnt.sys

2013-03-26 19:21:16 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3296328746-1987701534-2720084352-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"AirVideoServer"="C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

"Yontoo Desktop"="C:\Users\Gebruiker\AppData\Roaming\Yontoo\YontooDesktop.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"Aimersoft Helper Compact.exe"="C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"AirVideoServer"="C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

"Yontoo Desktop"="C:\Users\Gebruiker\AppData\Roaming\Yontoo\YontooDesktop.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16-03-2013 00:39]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22-11-2012 10:46]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22-11-2012 10:46]

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 9edbe015-1ba0-46bd-9070-08f507739446.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [04-05-2011 19:52]

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d430fb90-fe50-4a7a-9072-3c3637e8abcf.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [04-05-2011 19:52]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\6xcgcps1.default

4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default

47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

2616B4D6D04F18C579B7861F02B0B592 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.130.20

4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

Google Docs - Gebruiker - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Gebruiker - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Gebruiker - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Gebruiker - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

SiteAdvisor - Gebruiker - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Delta Toolbar - Gebruiker - Default\Extensions\gnnabbonolmdccgncgckdfikehphiknc

AVG Safe Search - Gebruiker - Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

AVG Do Not Track - Gebruiker - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Gmail - Gebruiker - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={35707DFB-0699-49AE-81ED-DB7B863D3E4A}&mid=8e9a7141a55b47d0b91cc593afbc482a-7d669b3300abb1cc213ad9a6e21d14f10d2b9384&lang=nl&ds=AVG&pr=fr&d=2013-01-19"

{9BDA8FE9-D368-48D5-8910-A85041D89A97} Bing Url="http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk -

C:\Users\Public\Desktop\AVG 2013.lnk -

C:\Users\Public\Desktop\calibre - E-book management.lnk -

C:\Users\Public\Desktop\Google Earth.lnk -

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -

C:\Users\Public\Desktop\Mozilla Firefox.lnk -

C:\Users\Public\Desktop\Skype.lnk -

C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk -

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2013.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 verwijderen.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\calibre - E-book management.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\E-book viewer.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\LRF viewer.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Agenda.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contactgegevens.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-mail.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Fotostream.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Zoek mijn iPhone.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -

==== shortcuts in Quick Launch ======================

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Gebruiker\AppData\Roaming\Yontoo\YontooDesktop.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://www.samsungsetup.com

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe

O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\986pwd84.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully
